How important to you is it that vendors have readily available security compliance documentation when you begin the evaluation process?

Security & GRC Innovation & Emerging Trends

Very Important51%

Somewhat Important44%

Not Important4%

220 PARTICIPANTS

2k views1 Comment

Sort by:

Senior Director, Defense Programs in Software5 years ago

I find it interesting how important responders say it is compared to how often we all feel we are the first person in the world asking about security compliance from vendors...

Content you might like

What cyber threat are you most concerned about?

Insider threats – rogue admins24%

Encrypting my data39%

Deleting my backup copies13%

Resident malware18%

Data theft – data exfiltration5%

Other

View Results

Digital transformation isn’t just about new tools—it’s about changing how teams work. Key lessons I’ve observed:

1. Start with process bottlenecks, not technology
2. Empower cross-functional teams
3. Measure outcomes, not outputs

What has been the most surprising lesson your teams have learned during a transformation?

How would you describe the maturity of the risk management program at your organization currently?

Early Stages - the security activities haven't been planned/deployed yet.17%

Middle stage - we've planned security activities, but we've only partially deployed them.59%

Late-middle stage - we've deployed the majority of our security activities and it's keeping up with threats.19%

Mature stage - all security activities are deployed and are proactively detecting threats.3%

View Results

Can you walk us through your process for evaluating AI investments against core IT needs? What criteria do you use to determine when AI innovation is worth the potential trade-off?

Has anyone been successful in implementing a FinOps Cost Optimization policy to turn down idle cloud instances during off hours (nights/weekends)? DId you start with non-prod environments? How are you handling logging/monitoring alerts during that time?

How important to you is it that vendors have readily available security compliance documentation when you begin the evaluation process?

Sort by:

Content you might like

What cyber threat are you most concerned about?

How would you describe the maturity of the risk management program at your organization currently?

Can you walk us through your process for evaluating AI investments against core IT needs? What criteria do you use to determine when AI innovation is worth the potential trade-off?

Has anyone been successful in implementing a FinOps Cost Optimization policy to turn down idle cloud instances during off hours (nights/weekends)? DId you start with non-prod environments? How are you handling logging/monitoring alerts during that time?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go